Active Directory. Persistent Search or Entry Change Notification


I want to get changes for user entities from Active Directory (AD) with the UnboundID LDAP SDK.

Does AD support Persistent Search or Entry Change Notification by default, or do I have to do any settings?

Thanks in advance

2

There are 2 answers

3
Esteban On

You have to use the extended search operation on Active Directory, which allows you to register to be notified when a change occurs.

This is the OID provided by Microsoft AD for doing so:

https://msdn.microsoft.com/en-us/library/aa366983(v=vs.85).aspx

In terms of the UnboundID LDAP SDK, it seems this control should do what you need (but I'm not a Java expert):

https://docs.ldap.com/ldap-sdk/docs/javadoc/com/unboundid/ldap/sdk/experimental/ActiveDirectoryDirSyncControl.html
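The DirSync control linked above is the cookie-based alternative to the notification control: each search returns the objects changed since the cookie handed back by the previous search. The following is an added example (not code from the answer or from the UnboundID project) that polls AD for changed user objects with `ActiveDirectoryDirSyncControl`; the host, trust store path, bind DN, base DN and the `DIRSYNC_PASSWORD` environment variable are assumed placeholders.

```java
import com.unboundid.asn1.ASN1OctetString;
import com.unboundid.ldap.sdk.Filter;
import com.unboundid.ldap.sdk.LDAPConnection;
import com.unboundid.ldap.sdk.LDAPException;
import com.unboundid.ldap.sdk.SearchRequest;
import com.unboundid.ldap.sdk.SearchResult;
import com.unboundid.ldap.sdk.SearchResultEntry;
import com.unboundid.ldap.sdk.SearchScope;
import com.unboundid.ldap.sdk.experimental.ActiveDirectoryDirSyncControl;
import com.unboundid.util.ssl.SSLUtil;
import com.unboundid.util.ssl.TrustStoreTrustManager;

/**
 * Incremental change tracking of AD user objects with the DirSync control.
 * Added example; every host, path, DN and credential below is an assumed placeholder.
 */
public class DirSyncUserPoller
{
    // Placeholder values (assumed, not from the original post).
    private static final String DC_HOST     = "dc01.test.lab.com";
    private static final int    LDAPS_PORT  = 636;
    private static final String TRUST_STORE = "/etc/ssl/ad-truststore.jks";
    private static final String BIND_DN     = "CN=svc-dirsync,OU=Service Accounts,DC=test,DC=lab,DC=com";
    private static final String BASE_DN     = "DC=test,DC=lab,DC=com";

    // Server-issued cookie; persist it between runs so the next run resumes where this one stopped.
    private ASN1OctetString cookie;

    public DirSyncUserPoller(byte[] savedCookie)
    {
        this.cookie = (savedCookie == null) ? null : new ASN1OctetString(savedCookie);
    }

    public byte[] getCookieBytes()
    {
        return (cookie == null) ? null : cookie.getValue();
    }

    /** Runs one DirSync round and returns the number of changed entries it saw. */
    public int pollOnce(LDAPConnection conn) throws LDAPException
    {
        SearchRequest req = new SearchRequest(BASE_DN, SearchScope.SUB,
                Filter.createEqualityFilter("objectClass", "user"),
                "sAMAccountName", "userAccountControl", "memberOf", "isDeleted");

        // OBJECT_SECURITY: return only objects the bind account is allowed to read, so the
        // account does not need the domain-wide Replicating Directory Changes right.
        // INCREMENTAL_VALUES: report only added/removed values of multi-valued attributes
        // such as memberOf instead of the complete list on every change.
        int flags = ActiveDirectoryDirSyncControl.FLAG_OBJECT_SECURITY
                  | ActiveDirectoryDirSyncControl.FLAG_INCREMENTAL_VALUES;
        req.addControl(new ActiveDirectoryDirSyncControl(true, flags, Integer.MAX_VALUE, cookie));

        SearchResult result = conn.search(req);
        for (SearchResultEntry e : result.getSearchEntries())
        {
            // Deleted objects come back as tombstones flagged with isDeleted=TRUE.
            if ("TRUE".equalsIgnoreCase(e.getAttributeValue("isDeleted")))
                System.out.println("deleted: " + e.getDN());
            else
                System.out.println("changed: " + e.getDN() + " " + e.getAttributes());
        }

        // The response control carries the cookie to send with the next search.
        ActiveDirectoryDirSyncControl resp = ActiveDirectoryDirSyncControl.get(result);
        if (resp != null)
            cookie = resp.getCookie();

        return result.getEntryCount();
    }

    public static void main(String[] args) throws Exception
    {
        // LDAPS with an explicit trust store; never a blanket TrustAllTrustManager for a DC.
        SSLUtil ssl = new SSLUtil(new TrustStoreTrustManager(TRUST_STORE));
        try (LDAPConnection conn = new LDAPConnection(ssl.createSSLSocketFactory(), DC_HOST, LDAPS_PORT))
        {
            conn.bind(BIND_DN, System.getenv("DIRSYNC_PASSWORD"));

            DirSyncUserPoller poller = new DirSyncUserPoller(null);
            poller.pollOnce(conn);   // first call with a null cookie: full snapshot of matching users
            poller.pollOnce(conn);   // later calls: only entries changed since the returned cookie

            byte[] cookieToPersist = poller.getCookieBytes();   // store this for the next run
            System.out.println("cookie length: " + (cookieToPersist == null ? 0 : cookieToPersist.length));
        }
    }
}
```

The first search with a null cookie returns every matching object, so treat it as a baseline rather than a change; only subsequent rounds are true deltas. Without `FLAG_OBJECT_SECURITY` the bind account needs the Replicating Directory Changes right on the naming context, which is a highly privileged grant; with the flag, a low-privilege read-only service account is enough and it only sees what its ACLs permit, which is the setting a defender should prefer for a monitoring job.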

0
István Békési On

Based on the suggested comments, an LDAP_SERVER_NOTIFICATION_OID control implementation should work on AD. See this very basic test example:

```java
import com.unboundid.ldap.sdk.AsyncRequestID;
import com.unboundid.ldap.sdk.AsyncSearchResultListener;
import com.unboundid.ldap.sdk.Control;
import com.unboundid.ldap.sdk.Filter;
import com.unboundid.ldap.sdk.LDAPConnection;
import com.unboundid.ldap.sdk.LDAPException;
import com.unboundid.ldap.sdk.SearchRequest;
import com.unboundid.ldap.sdk.SearchResult;
import com.unboundid.ldap.sdk.SearchResultEntry;
import com.unboundid.ldap.sdk.SearchResultReference;
import com.unboundid.ldap.sdk.SearchScope;
import org.junit.Before;
import org.junit.Test;

public class LdapNotificationTest
{
    private LDAPConnection connection;

    @Before
    public void connect() throws LDAPException
    {
        // Host and credentials are placeholders; point them at your own domain controller
        connection = new LDAPConnection("dc.test.lab.com", 389);
        connection.bind("CN=reader,DC=test,DC=lab,DC=com", "password");
    }

    // LDAP_SERVER_NOTIFICATION_OID (1.2.840.113556.1.4.528)
    @Test
    public void test_LDAP_SERVER_NOTIFICATION_OID() throws LDAPException, InterruptedException
    {
        AsyncSearchResultListener myAsyncSearchResultListener = new MyLdapChangeAsyncListener();

        // The notification control expects a presence filter on objectClass
        SearchRequest searchRequest = new SearchRequest(
                myAsyncSearchResultListener,
                "DC=test,DC=lab,DC=com",  // baseDN
                SearchScope.SUB,
                Filter.createPresenceFilter("objectClass"));

        // Attach the raw notification control by OID; AD keeps the search open
        // and streams an entry each time an object under the baseDN changes
        Control myControl = new Control("1.2.840.113556.1.4.528");
        searchRequest.addControl(myControl);

        AsyncRequestID asyncSearchId = connection.asyncSearch(searchRequest);

        // Wait 15 seconds for changes to be returned
        Thread.sleep(15000);

        // The search never completes on its own, so abandon it before closing
        connection.abandon(asyncSearchId);
        connection.close();
    }

    private class MyLdapChangeAsyncListener implements AsyncSearchResultListener
    {
        @Override
        public void searchEntryReturned(SearchResultEntry searchEntry)
        {
            System.out.println(" >>> ldap searchEntryReturned: " + searchEntry);
        }

        @Override
        public void searchReferenceReturned(SearchResultReference searchReference)
        {
            System.out.println(" >>> ldap searchReferenceReturned: " + searchReference);
        }

        @Override
        public void searchResultReceived(AsyncRequestID requestID, SearchResult searchResult)
        {
            System.out.println(" >>> ldap searchResultReceived: " + requestID + " / " + searchResult);
        }
    }
}
```

The test does not do much: it waits for 15 seconds, and meanwhile any changes within the baseDN should be printed out.